Rolling code based point of access system for event tickets stored in mobile access devices

This application is a divisional of U.S. patent application Ser. No. 16/942,942 filed on Jul. 30, 2020. The entire disclosure of the above application is incorporated herein by reference.

The present disclosure relates to point of access security systems for ticket required access events.

The background description provided here is for the purpose of generally presenting the context of the disclosure. Work of the presently named inventors, to the extent it is described in this background section, as well as aspects of the description that may not otherwise qualify as prior art at the time of filing, are neither expressly nor impliedly admitted as prior art against the present disclosure.

An attendee to an event, such as a sporting event or a concert, can gain access to the event by purchasing a ticket online and downloading and presenting the ticket to an attendant at the venue of the event. The ticket may be downloaded to the attendee's personal cellular phone and/or other portable network device. As an example, the portable network device may receive an encrypted code (e.g., QR code) when the ticket is purchased. The attendee may then, on the day of the event, have the code scanned at a point of entry in order to be permitted into the facility of the event. The attendant may scan the code or the attendee may hold the code in front of a scanner at, for example, a turnstile point of entry.

A passenger of a vehicle (e.g., an automobile, a bus, a train or an airplane) may similarly purchase a ticket online and present the ticket in the form of a QR code at a point of entry. For example, the passenger may have the QR code scanned by a vehicle attendant and/or a scanner of the vehicle prior to being permitted to enter the vehicle and/or the vehicle leaving a departure location.

A system for providing ticket based authorized entry of a mobile access device. The system includes a memory, a transceiver and a control module. The memory is configured to store an access code of a ticket of an event to be accessed by the mobile access device using the ticket. The mobile access device stores the access code. The transceiver is configured to communicate with the mobile access device. The control module is configured to: determine when the ticket was purchased; determine at least one of (i) an amount of time since the ticket was purchased, or (ii) an amount of time since the access code of the ticket was last updated; and updates the access code stored in the memory and signals the mobile access device via the transceiver to update the access code stored at the mobile access device in response to at least one of (i) the amount of time since the ticket was purchased exceeding a first predetermined amount of time, or (ii) the amount of time since the access code of the ticket was last updated exceeding a second predetermined amount of time. Access to the event by the mobile access device and a corresponding ticket holder is based on the updated access code.

In other features, the control module is configured to (i) determine the amount of time since the ticket was purchased, and (ii) update the access code stored in the memory and signal the mobile access device to update the access code stored at the mobile access device in response to the amount of time since the ticket was purchased having exceeded the first predetermined amount of time.

In other features, the control module is configured to (i) determine the amount of time since the access code of the ticket was last updated, and (ii) update the access code stored in the memory and signal the mobile access device to update the access code stored at the mobile access device in response to the amount of time since the access code of the ticket was last updated having exceeded the second predetermined amount of time.

In other features, the control module is configured to periodically, pseudo-randomly or randomly signal the mobile access device to update the access code stored in the memory and signal the mobile access device to update the access code stored at the mobile access device prior to the ticket being used to gain entry to the event.

In other features, the control module is configured to (i) determine a location of the mobile access device, and (ii) signal the mobile access device to update the access code stored in the memory and signal the mobile access device to update the access code stored at the mobile access device when the mobile access device is within a predetermined distance of a point of entry of the event.

In other features, the system is configured to: receive the access code stored at the mobile access device; compare the access code received from the mobile access device to the updated access code; determine whether the received access code from the mobile access device is valid; and in response to determining that the access code received from the mobile access device is valid, actuate an entry device to provide permitted passage to the event for the ticket holder of the mobile access device.

In other features, the control module is configured to, when updating the access code stored in the memory append a new access code to at least a portion of a previous access code.

In other features, a system is provided for ticket based authorized entry of a mobile access device. The system includes a memory, a transceiver and a control module. The memory is configured to store an access code corresponding to a ticket of an event to be accessed by the mobile access device, where the mobile access device stores the access code. The transceiver is configured to communicate with the mobile access device. The control module is configured to: determine a location of the mobile access device relative to a check point location for the event; determine whether the mobile access device is at or closer to a point of entry of the event than the check point location; and in response to the determining that the mobile access device is at or closer to the point of entry than the check point location, update the access code stored in the memory and signal the mobile access device via the transceiver to update the access code stored at the mobile access device. Access to the event by the mobile access device and a corresponding ticket holder is based on the updated access code.

In other features, the control module is configured to iteratively, for each check point passed by the mobile access device, update the access code in the memory and the access code stored at the mobile access device.

In other features, the control module is configured to (i) monitor movement of the mobile access device, and (ii) while the mobile access device is moving and is within a predetermined range of the check point location, update the access code stored in the memory and signal the mobile access device to update the access code stored at the mobile access device.

In other features, the system is configured to: receive the access code stored at the mobile access device; compare the access code received from the mobile access device to the updated access code; determine whether the received access code from the mobile access device is valid; and in response to determining that the access code received from the mobile access device is valid, actuate an entry device to provide permitted passage to the event for the ticket holder of the mobile access device.

In other features, the control module is configured to update the access code stored in the memory based on an amount of time since the ticket was purchased by the ticket holder associated with the mobile access device.

In other features, the control module is configured to, when updating the access code stored in the memory append a new access code to at least a portion of the access code stored in the memory or at least a portion of the updated access code.

In other features, the control module is configured to, when updating the access code stored in the memory append a new access code to at least a portion of the access code stored in the memory or at least a portion of the updated access code.

In other features, a station for providing ticket based authorized entry of a mobile access device is provided. The station includes a memory, a transceiver and a control module. The memory is configured to store an access code of a ticket of an event to be accessed by the mobile access device using the ticket. The mobile access device stores the access code. The transceiver is configured to communicate with the mobile access device. The control module is configured to: determine when the ticket was purchased; determine at least one of (i) an amount of time since the ticket was purchased, or (ii) an amount of time since the access code of the ticket was last updated; and updates the access code stored in the memory and signals the mobile access device via the transceiver to update the access code stored at the mobile access device in response to at least one of (i) the amount of time since the ticket was purchased exceeding a first predetermined amount of time, or (ii) the amount of time since the access code of the ticket was last updated exceeding a second predetermined amount of time. Access to the event by the mobile access device and a corresponding ticket holder is based on the updated access code.

In other features, the control module is configured to (i) determine the amount of time since the ticket was purchased, and (ii) update the access code stored in the memory and signal the mobile access device to update the access code stored at the mobile access device in response to the amount of time since the ticket was purchased having exceeded the first predetermined amount of time.

In other features, the control module is configured to (i) determine the amount of time since the access code of the ticket was last updated, and (ii) update the access code stored in the memory and signal the mobile access device to update the access code stored at the mobile access device in response to the amount of time since the access code of the ticket was last updated having exceeded the second predetermined amount of time.

In other features, the control module is configured to periodically, pseudo-randomly or randomly signal the mobile access device to update the access code stored in the memory and signal the mobile access device to update the access code stored at the mobile access device prior to the ticket being used to gain entry to the event.

In other features, the control module is configured to (i) determine a location of the mobile access device, and (ii) signal the mobile access device to update the access code stored in the memory and signal the mobile access device to update the access code stored at the mobile access device when the mobile access device is within a predetermined distance of a point of entry of the event.

In other features, the station is configured to: receive the access code stored at the mobile access device; compare the access code received from the mobile access device to the updated access code; determine whether the received access code from the mobile access device is valid; and in response to determining that the access code received from the mobile access device is valid, actuate an entry device to provide permitted passage to the event for the ticket holder of the mobile access device.

In other features, the control module is configured to, when updating the access code stored in the memory append a new access code to at least a portion of a previous access code.

In other features, a station for providing ticket based authorized entry of a mobile access device is provided. The station includes a memory, a transceiver and a control module. The memory is configured to store an access code corresponding to a ticket of an event to be accessed by the mobile access device. The mobile access device stores the access code. The transceiver is configured to communicate with the mobile access device. The control module is configured to: determine a location of the mobile access device relative to a check point location for the event; determine whether the mobile access device is at or closer to a point of entry of the event than the check point location; and in response to the determining that the mobile access device is at or closer to the point of entry than the check point location, update the access code stored in the memory and signal the mobile access device via the transceiver to update the access code stored at the mobile access device. Access to the event by the mobile access device and a corresponding ticket holder is based on the updated access code.

In other features, the control module is configured to iteratively, for each check point passed by the mobile access device, update the access code in the memory and the access code stored at the mobile access device.

In other features, the control module is configured to (i) monitor movement of the mobile access device, and (ii) while the mobile access device is moving and is within a predetermined range of the check point location, update the access code stored in the memory and signal the mobile access device to update the access code stored at the mobile access device.

In other features, the station is configured to: receive the access code stored at the mobile access device; compare the access code received from the mobile access device to the updated access code; determine whether the received access code from the mobile access device is valid; and in response to determining that the access code received from the mobile access device is valid, actuate an entry device to provide permitted passage to the event for the ticket holder of the mobile access device.

In other features, the control module is configured to update the access code stored in the memory based on an amount of time since the ticket was purchased by the ticket holder associated with the mobile access device.

In other features, the control module is configured to, when updating the access code stored in the memory append a new access code to at least a portion of the access code stored in the memory or at least a portion of the updated access code.

In other features, A mobile access device is provided and includes a memory, a transceiver and a control module. The memory is configured to store an access code of a ticket for an event. The transceiver is configured to communicate with a first station of the event. The control module is configured to: receive a signal from the first station to update the access code based on time since the ticket was purchased or a location of the mobile access device; update the access code stored in the memory based on the signal; show or transmit the updated access code to the first station or a second station as an access request when the mobile access device is at a point of entry; and receive a signal from the first station or the second station indicating a status of the access request.

In other features, the control module is configured to update the access code stored in the memory without receiving an updated access code from a station.

In other features, the control module is configured to select a next access code in a list of access codes stored in the memory in response to receiving the signal to update the access code.

In other features, the control module is configured to generate the updated access code based on a predetermined algorithm stored in the memory.

In other features, the signal includes an updated access code for the ticket; and the control module replaces the access code stored in the memory with the updated access code included in the signal.

In other features, the control module is configured to append a new access code to at least a portion of the access code stored in the memory when updating the access code stored in the memory.

In other features, the control module is configured to: append a first new access code to the access code stored in the memory to form an updated access code when the mobile access device passes the point of entry a first time; and either (i) append a second new access code to the first new access code and drop a remainder of the updated access code when the mobile access device passes the point of entry a second time, or (ii) append the second new access code to the remainder of the updated access code and drop the first new access code when the mobile access device passes the point of entry the second time.

Further areas of applicability of the present disclosure will become apparent from the detailed description, the claims and the drawings. The detailed description and specific examples are intended for purposes of illustration only and are not intended to limit the scope of the disclosure.

In the drawings, reference numbers may be reused to identify similar and/or identical elements.

A purchaser of a ticket (referred to herein as the “ticket holder”) for an event may have a ticket in the form of an encrypted code stored on a mobile access device (e.g., cellular phone, tablet, wearable device, etc.). The encrypted code may be in the form of a QR code or other encrypted code, which is shown at the venue to gain access to the event. Prior to arriving at the venue on the day of the event and/or prior to being at the point of access to the event, an attacking device of a cyber criminal may attack the mobile access device and/or perform a spoofing process to copy and/or download the encrypted code. The user of the attacking device may then access the event prior to the ticket holder, thereby preventing the ticket holder from accessing the event.

The examples set forth herein include a mobile access device of a ticket holder obtaining updated encrypted access codes for a ticket to thereby prevent an attacking device from in effect stealing the ticket of the ticket holder. The updated encrypted codes may be provided based on time and/or geographical locations of the mobile access device. In one embodiment, the provided encrypted codes are appended to previous encrypted codes and collectively used to verify whether the mobile access device and user of the mobile device are authorized to access the event. The encrypted codes may be generated using rolling code generators, which may provide a next rolling code and/or other credentials for accessing the event. These examples allow credentials to be reissued and/or updated up until the mobile access device of the ticket holder is within a predetermined distance of a point of entry of the event. As an example, the point of entry may be at a turnstile, a gated entrance, at or near an x-ray scanner at an entryway, at a doorway, at an entrance of a vehicle, etc.

shows a security access systemthat includes a security central monitoring station,, one or more mobile access devices, and one or more check point stations. The security central monitoring stationmay be remotely located from the mobile access devicesand the check point stations. In the example shown, the mobile access deviceA stores encrypted codesincluding one or more access codes and one or more user and mobile access device identification and authorization codes. The access codes are associated with a purchased ticket purchased by a ticket holder. The ticket holder may own and/or have authorized access to the mobile access deviceA. The security central monitoring stationprovides, updates and/or initiates updating of the encrypted access codes. The encrypted access codes may be shared with one or more of the check point stationsthat are at a point of entry to the event associated with the ticket. In one embodiment, the security central monitoring stationis implemented at a point of entry and/or is incorporated in a check point station at the point of entry. The security monitoring system may be centrally located at the venue of the event and/or remotely located away from the check point stations.

The security central monitoring stationincludes a rolling code generating module. The mobile access deviceA includes an access moduleand a memorythat stores the codes. In the example shown, the check point stationA is at a point of entry and includes a verification module. In an embodiment, the access moduleand the verification moduleoperate as rolling code generating modules. The rolling code generating modules select, generate and/or determine next access codes of a ticket. Each of the rolling code generating modules may be signaled and/or triggered to provide a next access code and may provide that code independent of the other rolling code generating modules as further described below. In another embodiment, the rolling code generating modulegenerates a next access code and provides the access code to the access moduleand the verification module.

The access modulemay store the next (or updated) access code as one of the codesor replace one of the codeswith the updated access code. When the mobile access deviceA is presented on the day of the event at the check point stationA, the verification moduleverifies the codes provided by the mobile access device against updated stored codes to determine if the mobile access device and corresponding user are authorized to enter (i.e. gain access to the event). If access is granted, the verification modulemay, for example, unlock an entry device as further described below to allow the user of the mobile access device to enter the corresponding facility, stadium, vehicle, pavilion, arena, hall, etc. of the event. The rolling code generating modulemay be implemented at one of the check point stations.

Table 1 refers to a few example update methods that may be implemented by the security central monitoring stationand devices,. Although three methods are listed including a time-based method, a geographical location-based method, and an appending method, other methods may be implemented and are described below. For example, a combination of the time-based, geographical location-based and appending methods may be implemented. The time-based method includes the rolling code generating moduleand/or other rolling code generating modules periodically, pseudo-randomly, or randomly providing an updated access code and/or initiating changing of a current access code of a ticket to an event. This time-based approach may be based on time since the ticket was initially purchased, time since the mobile access device arrived at or is within a predetermined distance of the venue, time until the event starts, etc. In one embodiment, the access code is updated multiple times prior to the ticket being validated and the user and mobile access device gaining access to the event.

In one embodiment, a new access code is transmitted from the security central monitoring stationto the mobile access deviceA. In another embodiment, the security central monitoring stationsignals the mobile access deviceA to use a next predetermined access code previously stored at the security central monitoring stationand the mobile access deviceA, for example, when the ticket was initially purchased. When the ticket is initially purchased, multiple access codes may be provided and/or generated and stored in the mobile access deviceA. These access codes are, at the time of purchase, known to the mobile access deviceA and the security central monitoring stationand may also be known to one or more of the check point stations. These codes may also be provided and/or generated at one or more of the check point stations. The check point stationsmay also be updated when the mobile access deviceA is updated. The updates may include the security central monitoring stationsignaling the mobile access deviceA and the check point stationswith the updated access code or signaling the mobile access deviceA and the check point stationsto update the access code with a next stored access code. Other techniques for generating the next access codes are describe below.

Table 1 provides examples of the time-based, geographical location-based, and appending methods as compared to a traditional approach. Table 1 shows that for a traditional ticket purchase and access method a same access code A is provided at purchase of the ticket and is maintained and used to access the event. For the time-based approach, the access code is replaced multiple times prior to gaining access to the event based on when predetermined time thresholds have been exceeded. As shown, the access code is changed from A to B, then to C and then to D. The access code may be changed any number of times prior to gaining access to the event.